Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/c9c370-7123-4081-b956-88ec579f88ca/1/XMbVVdNsNRU4kwuSTsaTfjgt8aA.roa
File: XMbVVdNsNRU4kwuSTsaTfjgt8aA.roa (raw, json)
Hash identifier: rlHyjjWCvpf3/1aaEyzyiI/G0lPrwEvIr256w94ubCk=
Subject key identifier: 5C:C6:D5:55:D3:6C:35:15:38:93:0B:92:4E:C6:93:7E:38:2D:F1:A0
Certificate issuer: /CN=7b11318d4bdd3ec5943386e701d7d02bd68300ad
Certificate serial: 0191337B00DDDBD7D6AA94C718AAF934D98E
Authority key identifier: 7B:11:31:8D:4B:DD:3E:C5:94:33:86:E7:01:D7:D0:2B:D6:83:00:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/exExjUvdPsWUM4bnAdfQK9aDAK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/c9c370-7123-4081-b956-88ec579f88ca/1/XMbVVdNsNRU4kwuSTsaTfjgt8aA.roa
Signing time: Thu 08 Aug 2024 19:33:04 +0000
ROA not before: Thu 08 Aug 2024 19:33:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35384
IP address blocks: 176.119.223.0/24 maxlen: 24
194.156.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Aug 2024 18:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:33:7b:00:dd:db:d7:d6:aa:94:c7:18:aa:f9:34:d9:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b11318d4bdd3ec5943386e701d7d02bd68300ad
Validity
Not Before: Aug 8 19:33:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cc6d555d36c351538930b924ec6937e382df1a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:be:e4:9d:2c:83:d4:2f:bf:99:8e:d2:60:ec:
46:0b:e0:1b:9a:1e:de:88:47:c2:5d:a6:fb:48:59:
31:ea:f7:49:05:3e:8f:ba:33:d2:a9:42:6e:d6:68:
39:8f:ab:06:c0:24:0f:a3:d6:71:45:58:1c:06:14:
11:4b:f6:de:bb:3e:55:e5:e2:1d:d2:61:96:6b:86:
ce:8a:5d:15:61:4b:9b:40:55:7d:58:7b:f1:81:07:
dd:2b:69:82:0f:d0:32:1b:d5:ca:fc:da:1c:24:b6:
06:92:78:d0:bd:51:00:ea:dd:c4:54:a9:79:44:64:
1e:80:80:2c:27:54:83:6f:f5:8c:89:4b:b2:9f:85:
aa:e5:1b:72:01:9b:ce:4d:03:89:7d:fc:80:2a:8e:
03:24:32:27:d1:c9:1e:2a:13:60:28:c0:e8:18:01:
9f:dd:f3:a4:02:39:72:4f:82:ca:0b:f1:86:0d:af:
47:e1:6c:62:fd:b5:7f:6a:dd:11:26:52:6b:65:e3:
48:56:68:33:7e:f7:ae:3a:34:f6:2a:ee:2b:c0:b7:
21:98:d7:30:27:3b:7e:89:0e:f9:39:dd:9d:d3:13:
1b:30:ad:b6:e5:54:a1:2e:65:22:6d:a1:14:69:e4:
db:da:c3:26:c6:86:a7:32:42:df:a3:e5:1f:c1:0c:
2d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C6:D5:55:D3:6C:35:15:38:93:0B:92:4E:C6:93:7E:38:2D:F1:A0
X509v3 Authority Key Identifier:
keyid:7B:11:31:8D:4B:DD:3E:C5:94:33:86:E7:01:D7:D0:2B:D6:83:00:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/exExjUvdPsWUM4bnAdfQK9aDAK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c9c370-7123-4081-b956-88ec579f88ca/1/XMbVVdNsNRU4kwuSTsaTfjgt8aA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c9c370-7123-4081-b956-88ec579f88ca/1/exExjUvdPsWUM4bnAdfQK9aDAK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.223.0/24
194.156.188.0/24
Signature Algorithm: sha256WithRSAEncryption
75:de:b2:d3:e2:c2:3b:f2:d6:1b:d5:88:11:b7:bc:e3:33:58:
ce:3d:79:af:9f:e6:be:28:5c:6c:c1:f7:d0:a0:c7:3c:35:86:
e5:c9:ff:3c:8b:e4:21:78:dc:31:fc:db:c6:41:2e:66:72:5c:
6c:cc:6c:9a:5a:bd:7b:0d:83:da:8c:8f:bb:47:34:83:86:46:
37:fa:a8:a2:43:27:a3:dd:d3:b0:00:41:3e:69:a3:c0:5b:a2:
65:56:82:40:75:2d:24:a8:58:76:06:ee:05:5c:1f:d6:08:70:
e0:9d:7f:58:97:93:e5:3e:36:6d:82:5d:1f:75:a7:bd:28:63:
b0:5b:9c:52:d9:9e:3a:8e:07:7f:be:bb:f5:55:6e:ff:87:49:
b5:a5:70:24:35:68:12:6b:49:7d:d1:5e:ce:56:48:a3:df:4a:
ef:4a:e2:17:01:65:2c:8a:de:5d:44:79:a7:f0:ce:9f:98:70:
72:79:d2:ef:7e:a2:18:f6:ca:9c:9c:30:e4:05:28:82:ec:ab:
b0:9e:66:a6:eb:3f:ca:05:5b:e2:c9:df:47:42:55:8b:d6:c5:
30:70:22:1d:9c:3c:ec:fb:bb:cc:95:fd:fe:e4:fc:11:af:dc:
a3:f7:95:2f:ad:fc:45:9f:37:5a:26:da:84:05:98:a7:62:6c:
47:ca:24:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZEzewDd29fWqpTHGKr5NNmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMTEzMThkNGJkZDNlYzU5NDMzODZlNzAxZDdkMDJiZDY4
MzAwYWQwHhcNMjQwODA4MTkzMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2M2ZDU1NWQzNmMzNTE1Mzg5MzBiOTI0ZWM2OTM3ZTM4MmRmMWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu77knSyD1C+/mY7SYOxGC+Abmh7e
iEfCXab7SFkx6vdJBT6PujPSqUJu1mg5j6sGwCQPo9ZxRVgcBhQRS/beuz5V5eId
0mGWa4bOil0VYUubQFV9WHvxgQfdK2mCD9AyG9XK/NocJLYGknjQvVEA6t3EVKl5
RGQegIAsJ1SDb/WMiUuyn4Wq5RtyAZvOTQOJffyAKo4DJDIn0ckeKhNgKMDoGAGf
3fOkAjlyT4LKC/GGDa9H4Wxi/bV/at0RJlJrZeNIVmgzfveuOjT2Ku4rwLchmNcw
Jzt+iQ75Od2d0xMbMK225VShLmUibaEUaeTb2sMmxoanMkLfo+UfwQwtxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFzG1VXTbDUVOJMLkk7Gk344LfGgMB8GA1UdIwQY
MBaAFHsRMY1L3T7FlDOG5wHX0CvWgwCtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXhFeGpVdmRQc1dVTTRibkFkZlFLOWFEQUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jOWMzNzAtNzEyMy00MDgxLWI5NTYt
ODhlYzU3OWY4OGNhLzEvWE1iVlZkTnNOUlU0a3d1U1RzYVRmamd0OGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jOWMzNzAtNzEyMy00MDgxLWI5NTYtODhlYzU3OWY4OGNh
LzEvZXhFeGpVdmRQc1dVTTRibkFkZlFLOWFEQUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsHffAwQA
wpy8MA0GCSqGSIb3DQEBCwUAA4IBAQB13rLT4sI78tYb1YgRt7zjM1jOPXmvn+a+
KFxswffQoMc8NYblyf88i+QheNwx/NvGQS5mclxszGyaWr17DYPajI+7RzSDhkY3
+qiiQyej3dOwAEE+aaPAW6JlVoJAdS0kqFh2Bu4FXB/WCHDgnX9Yl5PlPjZtgl0f
dae9KGOwW5xS2Z46jgd/vrv1VW7/h0m1pXAkNWgSa0l90V7OVkij30rvSuIXAWUs
it5dRHmn8M6fmHByedLvfqIY9sqcnDDkBSiC7Kuwnmam6z/KBVviyd9HQlWL1sUw
cCIdnDzs+7vMlf3+5PwRr9yj95UvrfxFnzdaJtqEBZinYmxHyiSx
Generated at Sun Aug 11 20:20:19 2024 by rpki-client on console-fra.rpki-client.org